News & Updates

Iranian Hackers Using SimpleHelp Remote Support Software for Persistent Access

The Iranian threat actor known as MuddyWater is continuing its time-tested tradition of relying on legitimate remote administration tools to commandeer targeted systems.
While the nation-state group has previously employed ScreenConnect, RemoteUtilities, and Syncro, a new analysis from Group-IB has revealed the adversary’s use of the SimpleHelp remote support software in June 2022.
MuddyWater,

News & Updates

The intricate relationships between the FIN7 group and members of the Conti ransomware gang

A new malware, dubbed Domino, developed by the FIN7 cybercrime group has been used by the now-defunct Conti ransomware gang. IBM Security X-Force researchers recently discovered a new malware family, called Domino, which was created by developers associated with the FIN7 cybercriminal group (tracked by X-Force as ITG14). FIN7 is a Russian criminal group (aka Carbanak) that has […]

The post The intricate relationships between the FIN7 group and members of the Conti ransomware gang appeared first on Security Affairs.

Cybersecurity Tools

New “Domino” Malware Strain Targets Corporate Networks

Researchers recently discovered a new malware family named “Domino”, allegedly created by ITG14, also known as the FIN7 threat group. Reportedly, ex-Conti hackers have been using it since at least February 2023 to spread Project Nemesis info stealer or Cobalt Strike. Due to massive code overlap with the Lizar post-exploitation toolkit, researchers also attributed the […]

The post New “Domino” Malware Strain Targets Corporate Networks appeared first on Heimdal Security Blog.

Cybersecurity Tools

Rheinmetall Suffers Another Cyberattack – Company Operations Still Functional

Rheinmetall, a leading German armaments and technology company, was targeted by a cyberattack over the weekend. The attack, however, did not affect company operations, according to officials. Rheinmetall, the largest arms company in Germany and one of the top three Western producers of military equipment and ammunition, is currently valued at more than 10 billion euros […]

The post Rheinmetall Suffers Another Cyberattack – Company Operations Still Functional appeared first on Heimdal Security Blog.

Cybersecurity Tools

What Is Data Minimisation? Definition & Examples

Data minimisation is a key part of information security and the GDPR (General Data Protection Regulation) in particular. Its principles are at the heart of effective data protection practices, and are intended to prevent privacy breaches and minimise the damage when security incidents occur.

What is data minimisation?

Data minimisation requires organisations to process personal data only if it serves a specific purpose, and to retain it for only as long as it’s needed to meet that purpose. Article 5(1) of the GDPR provides further guidance, explaining that organisations should consider three factors whenever they process personal information: Meeting the

The post What Is Data Minimisation? Definition & Examples appeared first on IT Governance UK Blog.

News & Updates

19 startups to check out at RSA Conference 2023

This year’s RSA Conference showcases promising startups from all over the world, many of which are making their first public appearance. Most will be exhibiting in the Early Stage Expo, which features 50 new security solution providers. Other startup exhibitors are finalists in RSA’s Innovation Sandbox competition.

Perhaps the most interesting aspect about startups is that they target needs not addressed by established vendors. Those needs are often the result of changing trends in threat actors’ objectives and how they target and exploit victims.


News & Updates

The classified document leak: let’s talk about Jack Teixeira’s need-to-know

The arrest of 21-year-old Airman First Class Jack Teixeira last week has inspired myriad reactions from armchair pundits declaring 21 is too young to be trusted with classified information to the need to reform the Department of Defense and the intelligence community to the US Speaker of the House calling for hearings on how the administration of President Joe Biden could have allowed such a breach to occur. In my opinion, the real concern is the need to reform policies and processes associated with how information is accessed by insiders.

As the case brought against Teixeira unfolds, one realization we don’t have to wait for is that the insider risk management program within the United States Air Force’s 102nd Intelligence Wing at Otis Air National Guard Base failed, and failed spectacularly. A reading of the Department of Justice affidavit in support of an arrest warrant provides a glimpse into Teixeira’s naivete and that his actions were malevolent from the get-go.


News & Updates

LockBit Ransomware Now Targeting Apple macOS Devices

Threat actors behind the LockBit ransomware operation have developed new artifacts that can encrypt files on devices running Apple’s macOS operating system.
The development, which was reported by the MalwareHunterTeam over the weekend, appears to be the first time a big-game ransomware crew has created a macOS-based payload.
Additional samples identified by vx-underground show that the macOS

News & Updates

What is a digital fingerprint and why do hackers want yours?

Today, websites collect tons of information about visitors, not only for advertising, business optimization and user experience purposes, but also for security purposes.

In addition to cookies, websites use “fingerprints” to collect information about a user’s web browser, hardware, device configuration, time zone and even behavior patterns, to authorize a legit
